Reflexive Access-List


As part of the security team you are always looking for ways to improve security within the company. You want to get rid of all the local vty/console logins within your network so you decide to implement some AAA security.


  • All IP addresses have been configured for you, look at the topology picture for the IP addresses.
  • OSPF has been preconfigured for full connectivity.
  • Configure router Mirror so ICMP and TCP traffic from network /24 is allowed.
  • Configure router Mirror with an inbound access-list on the FastEthernet1/0 interface so return traffic is allowed. You are not allowed to create specific entries.



Reflexive Access List

Video Solution:

Configuration Files

You need to register to download the GNS3 topology file. (Registration is free!)

Once you are logged in you will find the configuration files right here.

Opt In Image
Do you want your CCNA or CCNP Certificate?

The How to Master series helps you to understand complex topics like spanning-tree, VLANs, trunks, OSPF, EIGRP, BGP and more.

Written by René Molenaar - CCIE #41726

You May Also Like

About the Author: Rene Molenaar

René - CCIE #41726 is the creator of where he shares CCNA, CCNP and CCIE R&S labs. He also blogs about networking on


  1. Hey Am I missing something here ? What about the labs that don’t have a video ? I mean , is there a text file for the solution or something ? Great work Rene 😀

Comments are closed.